|
Mabry Software FTPServer/X Command Buffer Overflows
|
|
Secunia Advisory:
|
SA9013
|
|
|
Release Date:
|
2003-06-13
|
|
Last Update:
|
2005-03-10
|
|
Popularity:
|
6,713 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Unpatched
|
|
| Software: | FTPServer/X 1.x
Mollensoft FTP Server 3.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Some vulnerabilities have been discovered in Mabry Software FTPServer/X, which can be exploited by malicious users to crash a vulnerable FTP server and potentially compromise it.
The vulnerabilities are caused due to boundary errors when processing arguments passed to various commands. This can be exploited to cause a buffer overflow by supplying an overly long argument (about 270 bytes) to the following commands:
- CWD
- STAT
- MKD
- XMKD
- RMD
- NLST
Secunia has confirmed the vulnerabilities in FTPServer/X versions 1.00.047 and 1.00.056. The vulnerabilities have also been reported in Mollensoft FTP Server (formerly Hyperion FTP Server) versions 3.5.2 and 3.6.0. Other versions may also be affected.
NOTE: Any FTP server based on the vulnerable component is likely affected.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
